b8ac7eb71899768346740639802b2826_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

b8ac7eb71899768346740639802b2826_JaffaCakes118
Size

7.4MB
MD5

b8ac7eb71899768346740639802b2826
SHA1

e766a84d60c85594f500a055f20e0b6440be1e34
SHA256

f1d254fe9d2d3913a9f9f03e41ae9e9eafe1cb103552185b9106c9248e68fc1c
SHA512

3f43957155878fb3966740dc119021e2441ed20bd95fd8a46840f9cff82e6a3ff499307accd0707634c42d75af91f85506eaa26cf173674c07f1c87b4315ce51
SSDEEP

196608:PSijy2T5uq7AA70oBkyzc02UPua00YZ7cTMU4bv916T5Y:PSiFhUA76yz4UhxYZoMUY9MT5Y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b8ac7eb71899768346740639802b2826_JaffaCakes118

Files

b8ac7eb71899768346740639802b2826_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0e121556920f520c8e3de2019f324987

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTempFileNameA
GetStringTypeExW
GetUserDefaultLCID
GlobalUnlock
GetLogicalDriveStringsA
GetCommandLineW
GetVolumeInformationW
SetCommTimeouts
GetSystemTimeAsFileTime
GetDriveTypeW
FormatMessageA
ReadConsoleOutputA
CreateFileW
FatalAppExitA
OpenFile
DuplicateHandle
WriteConsoleOutputCharacterA
PurgeComm
ReleaseSemaphore
GetNumberFormatW
CreateEventA
EnumSystemCodePagesA
GetProfileIntA
MoveFileW
SetFileAttributesA
GetHandleInformation
GetTapeStatus
VirtualAlloc
EndUpdateResourceA
GetShortPathNameA
CreatePipe
GlobalFindAtomA
GetConsoleMode
SetFileTime
GlobalAddAtomA
LoadResource
PulseEvent
CreateMutexW
GetDriveTypeA
GetModuleFileNameW
GetLongPathNameA
IsBadWritePtr
ExitProcess
FormatMessageW
WaitNamedPipeA
GetFullPathNameA
CompareStringA
DeleteCriticalSection
GetDiskFreeSpaceW
DebugBreak
GetModuleHandleA
MoveFileExA
GlobalDeleteAtom
SetConsoleWindowInfo
GetSystemDefaultLangID
RemoveDirectoryA
_lopen
SetEnvironmentVariableW
SetCurrentDirectoryA
GetCurrentProcess
ExpandEnvironmentStringsW
GetProfileStringA
SetMailslotInfo
GetPrivateProfileSectionW
VirtualLock
FlushFileBuffers
GetLargestConsoleWindowSize

user32

EnumDesktopWindows
SendMessageW
SetUserObjectSecurity
GetCaretPos
GetClassInfoExW
GetDlgItemTextW
CopyAcceleratorTableW
GetMenuStringA
CreateWindowExA
SetWindowLongA
CopyImage
OpenClipboard
GetMenuItemInfoA
DefDlgProcW
UnhookWindowsHook
MessageBeep
EnumDesktopsW
MessageBoxA
MapVirtualKeyA
SetDlgItemTextA
ShowCursor
GetTopWindow
GetWindowPlacement
GetWindowThreadProcessId
DialogBoxParamW
ModifyMenuA
TranslateMessage
CharNextA
GetClipboardOwner
SetWindowPos
GetMonitorInfoA
LoadIconA
CharUpperBuffA
CreateDesktopW
EnableScrollBar
CreatePopupMenu
LoadMenuIndirectW
GetMenuState
DrawMenuBar
RegisterClassA
CharNextExA
DrawTextA
TileWindows
GetUpdateRect
PtInRect
ChildWindowFromPointEx
CharLowerW
OpenIcon
wvsprintfA
CharLowerBuffA
GetShellWindow
SetActiveWindow
ShowScrollBar
EnumThreadWindows
SetWindowRgn
RegisterClassExA
SetProcessWindowStation
DefMDIChildProcA
SendDlgItemMessageA
DispatchMessageA
MessageBoxExA
GetWindowInfo
GetSubMenu
HideCaret
LookupIconIdFromDirectory
SetCapture

gdi32

SetWinMetaFileBits
StartPage

comdlg32

FindTextW
ReplaceTextW

advapi32

GetSidLengthRequired
GetSidIdentifierAuthority
LookupAccountNameA
StartServiceW
SetSecurityDescriptorDacl
GetCurrentHwProfileW
RegLoadKeyW
RegCloseKey
BuildTrusteeWithSidW
CreateServiceW
LookupPrivilegeValueW
SetSecurityDescriptorSacl
QueryServiceConfigA
AccessCheckAndAuditAlarmA
AdjustTokenPrivileges
QueryServiceObjectSecurity
LookupAccountNameW
FreeSid
RegisterServiceCtrlHandlerA
AllocateAndInitializeSid

shell32

Shell_NotifyIconW
ExtractIconExW
SHGetSpecialFolderPathA
SHGetSettings
SHFileOperationA

ole32

CoMarshalInterThreadInterfaceInStream
CLSIDFromString
OleCreateLink
CoInitializeEx
CreateOleAdviseHolder
OleCreate
OleInitialize
OleBuildVersion
ReadClassStm
OleRegGetMiscStatus

comctl32

PropertySheetA
CreatePropertySheetPageW

shlwapi

PathIsSameRootW
StrRChrA
PathIsDirectoryA
StrRetToBufW
PathIsUNCA
UrlCombineW
AssocQueryKeyW
PathFindFileNameA
StrRetToStrW
PathIsUNCW
PathRemoveBlanksA
StrChrIA
PathRenameExtensionW
PathAddBackslashW
SHGetValueA
SHDeleteKeyW
PathIsFileSpecA
PathRemoveArgsW

msvcrt

_strupr
getenv
_kbhit
__p___argc
_fullpath
_wfsopen
memmove
_wcsicmp
_ecvt
_ltoa
_mbsnbcmp
_finite
floor
sscanf
_write
strncpy
fgetc
setvbuf
_strtime
vfprintf
isalnum
strtoul
_unlink
_memicmp
fputws
strftime
_filelength
fwprintf
frexp
qsort
localeconv
_ui64tow
_stricoll
wcstombs
_c_exit
_strlwr
bsearch
_wfreopen
fread
_mbsupr
_wgetcwd
realloc
difftime
isxdigit

Sections

.text
Size: 4KB - Virtual size: 7.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7.3MB - Virtual size: 7.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0e121556920f520c8e3de2019f324987

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

comctl32

shlwapi

msvcrt

Sections

.text Size: 4KB - Virtual size: 7.3MB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 7.3MB - Virtual size: 7.3MB

.rsrc Size: 68KB - Virtual size: 66KB

.text
Size: 4KB - Virtual size: 7.3MB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 7.3MB - Virtual size: 7.3MB

.rsrc
Size: 68KB - Virtual size: 66KB